<?php
class ArticlesController extends AppController {

	public $name = "Articles";

	public function index() {
		$latest_articles = "";
	}

	public function add() {
		if ($this->request->is('post')) {
			$this->request->data['Article']['user_id'] = $this->Auth->user('id'); //Added this line
			if ($this->Article->save($this->request->data)) {
				$this->Session->setFlash('Your post has been saved.');
				$this->redirect(array (
					'action' => 'index'
				));
			}
		}
	}

	public function isAuthorized($user) {

		if (parent :: isAuthorized($user)) {
			return true; //Admin can access every action
		}

		if ($this->action === 'add') {
			// All registered users can add posts
			return true;
		}
		if (in_array($this->action, array (
				'edit',
				'delete'
			))) {
			$postId = $this->request->params['pass'][0];
			return $this->Article->isOwnedBy($postId, $user['id']);
		}

		return false;
	}

}